litigators.org Open in urlscan Pro
2606:4700:3031::ac43:b345  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 8785177b-b331-40de-9d56-802576974daa.html Show response litigators.org/caseinfo/	5 KB 3 KB	278ms 176ms	Document text/html	2606:4700:3031::ac43:b345 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://litigators.org/caseinfo/8785177b-b331-40de-9d56-802576974daa.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 715ba7be12e966a320ac25ccfde321d3dd24a8a2cd1763681b45e541d2b6a4e1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7924ea832f6a9195-FRA content-encoding br content-type text/html;charset=UTF-8 date Tue, 31 Jan 2023 19:39:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dniLq1s4r4z91SL0cosRtZJIOqm7892Qo7J5mX8Pp94d1e8W%2FpOJl%2F1JpdGsQccNNt0CM1KQxfeOCySuV1SayYFLTujp95z%2Bsw%2F%2BntaP8gB%2FSUjCDZ4IbMeVw89RgkelJetHsaFXlsVh5FF5TA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	/ Show response lbwr.operative.dev/operative/ Frame 9466	2 KB 1 KB	358ms 307ms	Document text/html	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/ Requested by Host: litigators.org URL: https://litigators.org/caseinfo/8785177b-b331-40de-9d56-802576974daa.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb51de337d6849745739fdb06311a38724b5020a7e34df92e05612b8c7c30d24 Request headers Referer https://litigators.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7924ea84bc3e9b70-FRA content-encoding br content-type text/html date Tue, 31 Jan 2023 19:39:55 GMT last-modified Mon, 30 Jan 2023 09:40:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPwWP5l%2F6n4XlJgf6uJExY%2BWn3LMAmQe85pHepslpBuF0NyAMmfbiRv%2BEJyZa8leqH%2BvVRbWvxi54T4nvoZoH9cyFmZjhKslYJUtFgCRAW3lmiW7tTs74A8SjoYI591%2Bz6Ev6K95bvte%2FDPOWyYs5HU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	s.js Show response litigators.org/cdn-cgi/zaraz/	6 KB 3 KB	21ms 20ms	Script text/javascript	2606:4700:3031::ac43:b345 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://litigators.org/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTGl0aWdhdG9ycy5vcmclMjAtJTIwTGl0aWdhdGlvbiUyME1hbmFnZW1lbnQlMjAtJTIwQWNjZXB0JTIwQ2FzZSUyMiUyQyUyMnglMjIlM0EwLjIyODM3NDIyMzM1ODY2MzQyJTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZsaXRpZ2F0b3JzLm9yZyUyRmNhc2VpbmZvJTJGODc4NTE3N2ItYjMzMS00MGRlLTlkNTYtODAyNTc2OTc0ZGFhLmh0bWwlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE Requested by Host: litigators.org URL: https://litigators.org/caseinfo/8785177b-b331-40de-9d56-802576974daa.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df7723c11ddc5d25cf7503f1a62c12746f821ff8454d45d887edfeaad0789655 Request headers accept-language de-DE,de;q=0.9 Referer https://litigators.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:54 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-max-age 600 vary Origin, Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://litigators.org report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td6gG36hTcEiDJJ%2BzlYRI9fDiGqZNeP0iiJIfbuC%2F4G6cb%2B7S2ifQwo9ZSQUuEn8nd9Vgjk7JFSQzwhqmpOGO8xImCwhRTCeLms8Nokt2Z781oDAg5yf7DS6D1itoSBWTya7%2FkqUI8g5s0bOOA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-credentials true cf-ray 7924ea8469da9195-FRA access-control-allow-headers Content-Type, Set-Cookie, Cache-Control alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	array.js Show response app.posthog.com/static/	89 KB 28 KB	384ms 181ms	Script text/javascript	44.209.254.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/static/array.js Requested by Host: litigators.org URL: https://litigators.org/caseinfo/8785177b-b331-40de-9d56-802576974daa.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.209.254.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-209-254-194.compute-1.amazonaws.com Software / Resource Hash 8d764d902a1ae2e43be574e9f89079f78ef586e39abad38a4c511cc341f2a15c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://litigators.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin last-modified Tue, 31 Jan 2023 19:25:52 GMT etag "63d96b40-162a7" vary Accept-Encoding x-frame-options DENY content-type text/javascript; charset="utf-8" access-control-allow-origin * cache-control max-age=60, public content-length 28430
POST H2	200	/ Show response app.posthog.com/e/	13 B 274 B	109ms 108ms	XHR application/json	44.209.254.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/e/?ip=1&_=1675193995378&ver=1.42.3 Requested by Host: app.posthog.com URL: https://app.posthog.com/static/array.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.209.254.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-209-254-194.compute-1.amazonaws.com Software / Resource Hash 7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://litigators.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 31 Jan 2023 19:39:55 GMT x-content-type-options nosniff referrer-policy same-origin access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://litigators.org access-control-allow-credentials true access-control-allow-headers X-Requested-With,Content-Type
POST H2	200	/ Show response app.posthog.com/decide/	352 B 613 B	107ms 107ms	XHR application/json	44.209.254.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/decide/?v=3&ip=1&_=1675193995379&ver=1.42.3 Requested by Host: app.posthog.com URL: https://app.posthog.com/static/array.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.209.254.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-209-254-194.compute-1.amazonaws.com Software / Resource Hash 8ed1ed40420e97a8773a7f10c415df38e14e211d30055661b5c514b7c02f4741 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://litigators.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 31 Jan 2023 19:39:55 GMT x-content-type-options nosniff referrer-policy same-origin access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://litigators.org access-control-allow-credentials true access-control-allow-headers X-Requested-With,Content-Type
GET H2	200	css2 fonts.googleapis.com/ Frame 9466	384 B 710 B	44ms 17ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Kristi&display=swap Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 05090ddbfeec80eba9cd64702ca6aba31ad99ffd0b31fc3968ef33b23613834c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 31 Jan 2023 19:39:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 31 Jan 2023 19:39:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Jan 2023 19:39:55 GMT
GET H2	200	twilio.min.js Show response lbwr.operative.dev/operative/assets/js/ Frame 9466	257 KB 62 KB	484ms 482ms	Script application/javascript	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/assets/js/twilio.min.js Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c8ddd2284203d5eae636da48dd979dd4fd15dac68bb5a07dd73ddba2b8b421e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 30 Jan 2023 09:41:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"404b0-5f3780598b34d-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvtBDurG5ZoFlnHdi9KtpUW%2BFZGQaK6CUFCRJLxhsPnBCAVjGMV1rAd6Jlbh8cES5aOnSGRXEu7Db%2FSBCMZ7rB2m6eBvHnJeeR4thHLoqDuxA2ZiPWSTi%2FJt7R55BOPQeymkdmWS6OAKh%2BcyMYBisro%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7924ea8739ef9b70-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	runtime-es2015.js Show response lbwr.operative.dev/operative/ Frame 9466	9 KB 3 KB	317ms 315ms	Script application/javascript	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/runtime-es2015.js Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0b0c05ad87c5065242ad7fde8316ecb9bb1a79946c18cb6063e7627f31d238d Request headers Referer Origin https://lbwr.operative.dev accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 30 Jan 2023 09:40:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"240b-5f37800470dbe-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3LD3gegQG6g%2FL6T2K0Rtmb6I4WjaP8o9wapejYlLmgJTSACFNTrFw9YriEDeWL3QljEovbDzhyg4S9wd%2Fn1hpIGvLuKeTlMX2Z2O771vT9K2Y9XKkZ2EGRLwpkBxQIkTFNezC%2Fr792yWwEy460aBUU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7924ea8739f09b70-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	polyfills-es2015.js Show response lbwr.operative.dev/operative/ Frame 9466	150 KB 31 KB	447ms 446ms	Script application/javascript	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/polyfills-es2015.js Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cdaa8e515bfee141844f346177bb505b4ba17209b6dbe1d5156ca623b0210dfa Request headers Referer Origin https://lbwr.operative.dev accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 30 Jan 2023 09:39:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"257de-5f377ff6b74f5-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0RmVMlySrskzq2GgDAiKa7Rib47Ehb5ZUkJVWBgeoQ1Q0twyW1U3MRQOJQdh%2FubNTIwrMU6gFX2AfXOU3n6A1abzlDwLgD0F%2FYhRWtajjs2A%2BOiVKSO7Uw%2BP2JcUiybDkw61w00jPG6iaCeTq9loTo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7924ea8739f29b70-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	styles-es2015.js Show response lbwr.operative.dev/operative/ Frame 9466	4 MB 538 KB	532ms 530ms	Script application/javascript	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/styles-es2015.js Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5cb63ebfe4eea0087ebb67427c922848f8afd92290a3c5f4f4ebe97250653848 Request headers Referer Origin https://lbwr.operative.dev accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 30 Jan 2023 09:40:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3e5ada-5f37800007fe0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUwmj8PDZCguhlH87t6YoXqEtfLYRfyqgE1C2opTWlryG7uu1h%2BaAEwkBVnx2ZtUPi4fQfqNj8XQzZJeRzyOEpLTJymDkeUJt12KYRq%2BeqOJ3LE0k8Mmji4cqIthGFeuV%2BgXG7miyySHFliy6f7iRgw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7924ea8739f39b70-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	scripts.js Show response lbwr.operative.dev/operative/ Frame 9466	2 MB 530 KB	582ms 581ms	Script application/javascript	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/scripts.js Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cc165129933306fb5f3f0ab8f476a987bc547d2a2f1ef119a5fc054c9ecc72d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 30 Jan 2023 09:40:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"200b32-5f37802d89f9a-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2ByfsiobM%2FkvElB98oIkPn3%2Fl8Zt3jZyCzUr4r9atA6ApQ%2F6kufOu98vuNNjFgDWDVgO89fiY0uNk0fzls6dvCLOReTz88hGw8pkfMp5pZeMreGniabm67mH8Wx6wwtfiqfz6GSUhkRQK8hm3nXthHk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7924ea8739f89b70-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	vendor-es2015.js Show response lbwr.operative.dev/operative/ Frame 9466	16 MB 3 MB	611ms 610ms	Script application/javascript	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/vendor-es2015.js Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b5bcc0b874e73f03049a0f784faab2b86cf66b15c9d46e5d0f603b4ba125fb4 Request headers Referer Origin https://lbwr.operative.dev accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 30 Jan 2023 09:41:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"102c1db-5f378043ed385-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx2ZODXTr8RAPRsjox5PPvxzrHYM7QfBBb3oOZO8%2FEJGNv3J9GZhZdG5dYk6fDkKqR318Ym4FGU5r%2FCO%2FME3T6Hm9xulpWiUy96OE5Y6P0ZRWoAOKk9p18c6yuLuUhMoKRdgT%2B7DzXsLP4pC9y6izxo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7924ea8739f59b70-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main-es2015.js Show response lbwr.operative.dev/operative/ Frame 9466	10 MB 1014 KB	534ms 533ms	Script application/javascript	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/main-es2015.js Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 532706b9402aa7605b4efa800db1d1a037021fe94c2a743b101962cb2a1882b2 Request headers Referer Origin https://lbwr.operative.dev accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 30 Jan 2023 09:40:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a53594-5f37801c30b97-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3YsQB9%2F6jD8rmzTMzHFIazVWHUEkk%2BEMW7UM5nl%2BIdLyDHHteNhCCS9KNJWDxQP6B%2BTlbxrYHWaT5Yl2lnsYQXKIg9iKQc7lozlIiKDewRxl6DLfzLc69m7IHKPx4hPHyXkaacDjUeyknZ2FWG3wbI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7924ea8739f79b70-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	recorder.js Show response app.posthog.com/static/	61 KB 20 KB	100ms 99ms	Script text/javascript	44.209.254.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/static/recorder.js?v=1.42.3 Requested by Host: app.posthog.com URL: https://app.posthog.com/static/array.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.209.254.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-209-254-194.compute-1.amazonaws.com Software / Resource Hash 4d3d61d27c747fd88d4d63df56e8c4762d3ea75d0ce0b9357710e1fd2c23da9a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://litigators.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:55 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin last-modified Tue, 31 Jan 2023 19:25:52 GMT etag "63d96b40-f471" vary Accept-Encoding x-frame-options DENY content-type text/javascript; charset="utf-8" access-control-allow-origin * cache-control max-age=31536000, public content-length 20033
POST H3	200	getTypeformData Show response lbwr.operative.dev/multitenant/public/api/ Frame 9466	10 KB 3 KB	668ms 668ms	XHR application/json	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/multitenant/public/api/getTypeformData Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/polyfills-es2015.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 764efc399330bbed5ed713868c3cf45e29b406c39d354c08446766d78d0d9d10 Request headers Accept application/json Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type application/json Response headers date Tue, 31 Jan 2023 19:39:57 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMu5J5btuZSeIOXkcn%2BumslWnNsfMgotaVQzioX2eaSqRoYFEPBXmeIGwGaMQJcYab3j73YzMKP9kGVsV%2F2kDJjK8jsQwI8WESmRRZ9j4J4EvMv9OCD%2BgpGjHfPgLVeN4MMbALZT4UU0ox23g5SndR0%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS, POST, GET, OPTIONS, PUT, DELETE content-type application/json cache-control no-cache, private cf-ray 7924ea925ae06910-FRA access-control-allow-headers Content-Type, X-Auth-Token, Origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ajax-loader.gif lbwr.operative.dev/operative/ Frame 9466	43 KB 43 KB	315ms 315ms	Image image/gif	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lbwr.operative.dev/operative/ajax-loader.gif Requested by Host: lbwr.operative.dev URL: https://lbwr.operative.dev/operative/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 880d2a4c67fe9f0acee01d3690956105eac7eaeee3d254c34b64dfd24186a35a Request headers accept-language de-DE,de;q=0.9 Referer https://lbwr.operative.dev/operative/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:57 GMT cf-cache-status REVALIDATED last-modified Mon, 30 Jan 2023 09:40:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "ab2a-5f378030e0700" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ioNwKMSnBdhCV%2BUlL39WFZ%2FXUX9v9yo2Dv1A4JlKnykYkakL9Fhrbhhk9SymzpaGntrmcHwdQc%2FFIfeTvm0i8OAfsnQLFhbMhF9Z0KYJkqYtpeljO%2Fc0glzspn01IKX5f7fy9XN0YuEcDyequmYV%2Fk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 7924ea925ae76910-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43818
GET H3	200	noimage.png lbwr.operative.dev/operative/assets/img/ Frame 9466	2 KB 3 KB	288ms 288ms	Image image/png	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lbwr.operative.dev/operative/assets/img/noimage.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89ad4b5106ca4b1330c901c77e76e368ac151ef11fa536d0a9fe69ee0c88d7bc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:58 GMT cf-cache-status MISS last-modified Mon, 30 Jan 2023 09:41:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "918-5f3780692ef8f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyzKxOzdhpHKZuYOUphUCCcqz7Il6Ld7NyocXPmgfZANSpnSLjV8abHuf5UKJFtu1Z7Ah032rt8jiO%2FByTwJQAB%2Bv81e9d2acKjqOPDi%2FQ1%2BoQu%2B2TqeJozJWq1u4FnP3%2BIFDh9yjUwFXKymwKq8WPs%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7924ea96aaec6910-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2328
GET H3	200	fa-solid-900.woff2 lbwr.operative.dev/operative/ Frame 9466	78 KB 79 KB	500ms 500ms	Font font/woff2	2606:4700:3035::6815:36ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lbwr.operative.dev/operative/fa-solid-900.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:36ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658 Request headers Referer https://lbwr.operative.dev/operative/ Origin https://lbwr.operative.dev accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 19:39:58 GMT cf-cache-status MISS last-modified Mon, 30 Jan 2023 09:39:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "13914-5f377ffaca3e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgKKd3DLK%2B33sbUjIYw3iZlJGnRVdmHcyXz8JzLYOuws220Bdf5AqbY53y8ylCcXZK9ZaP7GvxAuY6Y3eioUdmL%2FXqvfT0a0kidYS%2FIUicg3jS9Kq2HE3hSlSVX6a0suiHBG%2FxojOw2SVOgv5JuoOuU%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7924ea96aaf36910-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 80148

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| zarazData object| zaraz object| dataLayer object| posthog function| rrwebRecord object| rrwebConsoleRecord object| rrweb

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.litigators.org/	1970-01-20 18:05:29	Name: ph_phc_lTSSpCRKGRLPvI1N2dNcb33Bx9sWkU3H9d1AtGcKp2i_posthog Value: %7B%22distinct_id%22%3A%221860957d0682-0f6961ab080a33-60325d57-1d4c00-1860957d069d1c%22%2C%22%24device_id%22%3A%221860957d0682-0f6961ab080a33-60325d57-1d4c00-1860957d069d1c%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24sesid%22%3A%5B1675193995600%2C%221860957d06c1ef7-0e5dcc5c891fbd-60325d57-1d4c00-1860957d06dd61%22%2C1675193995371%5D%2C%22%24session_recording_enabled_server_side%22%3Atrue%2C%22%24console_log_recording_enabled_server_side%22%3Atrue%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.posthog.com
fonts.googleapis.com
lbwr.operative.dev
litigators.org
2606:4700:3031::ac43:b345
2606:4700:3035::6815:36ec
2a00:1450:4001:806::200a
44.209.254.194
05090ddbfeec80eba9cd64702ca6aba31ad99ffd0b31fc3968ef33b23613834c
3c8ddd2284203d5eae636da48dd979dd4fd15dac68bb5a07dd73ddba2b8b421e
4d3d61d27c747fd88d4d63df56e8c4762d3ea75d0ce0b9357710e1fd2c23da9a
532706b9402aa7605b4efa800db1d1a037021fe94c2a743b101962cb2a1882b2
5cb63ebfe4eea0087ebb67427c922848f8afd92290a3c5f4f4ebe97250653848
6cc165129933306fb5f3f0ab8f476a987bc547d2a2f1ef119a5fc054c9ecc72d
715ba7be12e966a320ac25ccfde321d3dd24a8a2cd1763681b45e541d2b6a4e1
764efc399330bbed5ed713868c3cf45e29b406c39d354c08446766d78d0d9d10
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
880d2a4c67fe9f0acee01d3690956105eac7eaeee3d254c34b64dfd24186a35a
89ad4b5106ca4b1330c901c77e76e368ac151ef11fa536d0a9fe69ee0c88d7bc
8b5bcc0b874e73f03049a0f784faab2b86cf66b15c9d46e5d0f603b4ba125fb4
8d764d902a1ae2e43be574e9f89079f78ef586e39abad38a4c511cc341f2a15c
8ed1ed40420e97a8773a7f10c415df38e14e211d30055661b5c514b7c02f4741
cdaa8e515bfee141844f346177bb505b4ba17209b6dbe1d5156ca623b0210dfa
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
df7723c11ddc5d25cf7503f1a62c12746f821ff8454d45d887edfeaad0789655
e0b0c05ad87c5065242ad7fde8316ecb9bb1a79946c18cb6063e7627f31d238d
eb51de337d6849745739fdb06311a38724b5020a7e34df92e05612b8c7c30d24